﻿<?xml version="1.0" encoding="utf-8" ?>
<clientSettings xmlns="Sherwood.SignOn.Client">
    <client>
        <!-- SSO client's unique identifier -->
        <code>ClientA</code>

        <!--SSO client's private RSA key. This should never be made available to 3rd parties. -->
        <rsaPrivateKey>-----BEGIN RSA PRIVATE KEY-----
MIICWwIBAAKBgQCoptlkoSMpBjSICxv3cC61+pye24jclymg44mMwrsR7T2fyOES
oOijbYeaWSp8k7IX48LGfoDbbGURojbd+BwJ/LiT5yN5ADuZ7rv8OlbH3KRGb9uk
L9G8GMV20obOh9sM1k95l9AEQoq7WBlqRitrlQZBYXYl9zkJhQhPXcmpIQIBAwKB
gHBvO5hrbMYEIwVcvU+gHyP8aGnnsJMPcRXtBl3XJ2FI07/bQLcV8Gzzr7w7cahi
drqX1y7/AJJIQ2EWzz6laAWS3CvTu26+x5N39bruLFPV9RWe4mtM20kiH3oVbJ5R
y82rkA1aYD9UG0LflQj3wwARvVwMTRgNq2uw0QN+CgPLAkEA3Zab50WDe4wYyewb
28oGQBOt3/NiTwq6VM5J5V1z4ALUK0pJZd8faAb0ZcylYBTFfp+g1ePpTsmXIqAt
KtuYbQJBAMLXtkJEz2aEI/DfR/lKQ9ug+CGUoO1+FBDH9c0GbS0mhCmtHCpghdxa
4qLtN3JyJfvKlnkemJPuUNkunPXfCwUCQQCTub1E2QJSXWXb8r09MVmADR6VTOw0
sdGN3tvuPk1AAeLHhtuZP2pFWfhD3cOVYy5Uams5QpuJ27oXFXNx57rzAkEAgeUk
LC3fma1tSz+FUNwtPRX6wQ3AnlQNYIVOiK7zc28CxnNoHEBZPZHsbJ4k9vbD/TG5
phRlt/Q15h8TTpSyAwJAZfmP/dk4zrKI7Yl+AmY/o36I8WFqdE2RakIWOIFCgbK+
UMdDSS0BcgWsnzPnNGlkwkTCjBfa/bOW0PbeH2TSXA==
-----END RSA PRIVATE KEY-----</rsaPrivateKey>

        <!--SSO client's public RSA key -->
        <rsaPublicKey>-----BEGIN PUBLIC KEY-----
MIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQDXFm1y+SJc6MV+568JUGI2pwdJ
wr5jFtMIE0KP1B/j4bpwe2dymG1CwyZj7AZGh3v8ahgWngau8jqBQX9XMK+nGyGI
C7PGeRGEs/Z8tcvlDNoKLuCIqPmHUJg1naURQnHPwzf8eRUmZIO1W5qqt9EbIjAU
luAz13LNe6ySJ7kFpwIBAw==
-----END PUBLIC KEY-----</rsaPublicKey>

        <!--Template of Url that sign on server should call upon successful sign on.
        This value may contain the following replacement parameters:
        [Host] - replaced with current host name
        [CurrentUrl] - replaced by the current Url
        [UrlEncodedCurrentUrl] - replaced by a URL encoded version of the current request url.-->
        <signOnUrl>http://[Host]/signon.asmx?ticket={signinticket}&amp;signature={signinsignature}&amp;returnurl=[UrlEncodedCurrentUrl]</signOnUrl>

        <!-- Template of Url that sign on server should call upon successful sign on.
        This value may contain the following replacement parameters:
        [Host] - replaced with current host name  -->
        <signOffUrl>http://[Host]signoff.asmx?ticket={signoffticket}&amp;signature={signoffsignature}</signOffUrl>

        <!--Gets the domain scope of cookies used to maintain user session locally.
         This property can be used to allow clients to provide session management for
         multiple subdomains.-->
        <cookieDomain>*.sherwood.local</cookieDomain>
    </client>

    <server>
        <!--  The number of seconds an sso ticket should be treated as valid when comparing the timestamp
        sent with the ticket with the current time.
        This timeout should take the possibility of different times on different servers into account.-->
        <ticketValidityInSeconds>300</ticketValidityInSeconds>

        <!-- Base URL to SSO Server (e.g. https://login.sherwood.codeplex.com) -->
        <baseUrl>http://signon.sherwood.local</baseUrl>

        <!-- SSO server's public RSA key -->
        <rsaPublicKey>-----BEGIN PUBLIC KEY-----
MIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQDeWmRyWzFqMwq/ziLj+wJqbw9/
pjJNOjSSiE+qQEook4p9WUboy1i2BICrShSe34PYL9Xm0B/oqmxH4+2VV02BVmXe
ALYEiyk+apcffg2+fL+C8p3Si7FUxwNJS6V50wunztWYCMGGWX6GDGEPwRBnl7yr
AvSp6/IcucKOQKwJCwIBAw==
-----END PUBLIC KEY-----</rsaPublicKey>
    </server>

    <sessionRepository>
        <connectionString>Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\Session\SessionRepository.mdf;Integrated Security=True;User Instance=True</connectionString>
        <sessionTimeoutInMinutes>10080</sessionTimeoutInMinutes>
    </sessionRepository>

</clientSettings>